<?php
class UserAction extends CommonAction {
	public function _initialize() {
	    parent::_initialize();
		$user_id = $this->_request('id')?$this->_request('id'):0;
		if($user_id > 0 && $user_id != session(C('USER_AUTH_KEY')) && !(C('ADMIN_AUTH_KEY'))){
			$user = $this->dao -> where(array('id' => $user_id)) -> find();
			if($user['pid'] != session(C('USER_AUTH_KEY') )){
				$this->error('对不起！您没有管理该用户的权限！');exit;
			}
		}
	}
	
    public function index(){
		$this->listmap="1";
		if(!session(C('ADMIN_AUTH_KEY'))){
			$this->listmap .= " and pid=".session(C('USER_AUTH_KEY'));
		}else{
			$this->listmap .= " and pid = 0";
		}
		if($this->_param('keywords')){
			$keywords=$this->_param('keywords');
			$_GET['keywords']=urlencode($this->_param('keywords'));
			$this->listmap.=" and (nickname like '%{$keywords}%' or account like '%{$keywords}%')";
			$this->keywords=$keywords;
		}
		parent::_list();
		$site_userdb = M('Site_user');
		$supplier_userdb = M('Supplier_user');
		$list = $this->get('list');
//		var_dump($list);
		foreach($list as $k => $v){
		    $level= D('Member')->where('id = '.$v['member_id'])->getfield('level');
		    if($level==1){
		        $list[$k]['susername']=D('Supplier')->where('member_id = '.$v['member_id'])->getfield('susername');
            }else{
		        $list[$k]['susername']='';
            }
			$list[$k]['scope'] = $site_userdb -> alias('su') -> join("left join __SITE__ AS s on s.id = su.site_id") -> where(array('su.user_id' => $v['id'])) -> Field('s.title,s.id') -> select();
			$list[$k]['supplier'] = $supplier_userdb -> alias('su') -> join("left join __SUPPLIER__ AS s on s.id = su.supplier_id") -> where(array('su.user_id' => $v['id'])) -> Field('s.site_id,s.susername,s.id') -> select();
		}
		$this->assign('list', $list); 
		$this->display();
	}
    public function edit(){
		
		$this->role_list=M('Role')->alias('r')->join('left join __ROLE_USER__ ru ON r.id=ru.role_id and ru.user_id='.$this->_get('id')) -> where(array('r.user_id' => session(C('USER_AUTH_KEY')))) -> select();
		
		$this->sitelist = M('Site') -> where(array('uid' => $this->_get('id'))) -> select();
		parent::edit();
	}
	public function add(){
		$this->role_list=M('Role')-> where(array('user_id' => session(C('USER_AUTH_KEY')))) -> select();
		$this->sitelist = M('Site') -> where(array('uid' => 0)) -> select();
		parent::add();
	}
	
	public function sitelist(){
		$this->listmap = 1;
		$this->dao = D('Site');
		parent::_list("s","left join __USER__ as u on u.id=s.uid left join __TEMPLATE__ t on t.id=s.template_id","s.*,u.account as loginName,u.nickname as nickname, t.title templateName");
		$this->display();
	}
	
	public function update(){
		//绑定会员微信
		$id = $_POST['id'];//用户ID
		$mid = $_POST['mid'];//会员ID
		$memberUser = M('member_user');
		$memberUserDB['member_id'] = $mid;
		$memberUserDB['user_id']=$id;
		$memberUser->create($memberUserDB);
		$memberUser->add();
				
		if($this->_post('id')){
			$data=$_POST;
			//dump($data);exit(); 
			$flag=true;
			$role_user=M('Role_user');
            $role_user->where(array('user_id'=>$data['id']))->delete();
			foreach($data['role_id'] as $k=>$v){
				$r['user_id']=$data['id'];
				$r['role_id']=$v;
				if(!$role_user->add($r)){
					$flag=false;
				}
			}
			if($flag){
				$sitedb = M('Site');
				$sitedb -> data(array('uid' => 0)) -> where(array('uid' => $data['id'])) -> save();
				foreach($data['sitelist'] as $k => $v){
					$sdatap['uid'] = $data['id']; 
					$smap['id'] = $v;
					$sitedb -> where($smap) -> data($sdatap) -> save();
				}
				
				if(session(C('ADMIN_AUTH_KEY') )){
					if($_POST['password'] != ''){
						$_POST['password'] = md5($_POST['password']);
					}else{
						unset($_POST['password']);
					}
				}else{
					unset($_POST['password']);
				}
				
				if(!session(C('ADMIN_AUTH_KEY') )){
					$_POST['pid'] = session(C('USER_AUTH_KEY'));
					$_POST['isadministrator'] = 0;
					$_POST['anonymous'] = 0;
			    }
				parent::update();
			}else{
				$this->error('操作失败,请稍候重试!!!',U('edit',array('id'=>$data['id'])));
			}
		}else{
			$this->error('没有数据');
		}
	}
	public function insert(){
		if($jumpUrl == ''){
			$jumpUrl = (session('jumpUrl')&&session('jumpUrl')!='') ? session('jumpUrl') : U('Admin/' . MODULE_NAME . '/index');
		}
		if(isset($_POST)){
			if(!session(C('ADMIN_AUTH_KEY') )){
			    $_POST['pid'] = session(C('USER_AUTH_KEY'));
				$_POST['isadministrator'] = 0;
			}
			$_POST['password']=md5($_POST['password']);
			$createret = $this->dao->create();
			
			if(!$createret){
				$this->error($this->dao -> getError());exit;
			}
			
			$id = $this->dao->add();
			
			if(!$id){
				$this->error($this->dao -> getError());exit;
			}
			
			$data=$_POST;
			$flag=true;
			$role_user=M('Role_user');
            $role_user->where(array('user_id'=>$data['id']))->delete();
			foreach($data['role_id'] as $k=>$v){
				$r['user_id']=$id;
				$r['role_id']=$v;
				if(!$role_user->add($r)){
					$flag=false;
				}
			}
			if($flag){
				
				
				//不是超级管理员时默认当前站点管理权限
				if(!session(C('ADMIN_AUTH_KEY') )){
					D('Site_user') -> add(array('site_id' => $this->siteid, 'user_id' => $id));
				}
				
				
				
				$this->success('添加成功',$jumpUrl);
			}else{
				$this->error('出错了,可能是数据库链接出错,请检查');
			}
			//parent::insert();
		}
	}
	//删除
	public function delete(){
		if($this->_get('id')){
			if(session(C ( 'USER_AUTH_KEY' ))==$this->_get('id')){
				$this->error('您不能删除自己的账号');
			}else{
				parent::delete();
			}
		}
	}
	//修改密码
	public function changePwd(){
		if($this->_post('id')){
			$map['id']=$this->_post('id');
			$password['password']=md5($this->_post('password'));
			if(false !== $this->dao->where($map)->save($password)){
				$member=D('User')->where('id = '.$map['id'])->getfield('member_id');
				if($member){
					D('Member')->where('id = '.$member)->save(array('password'=>md5($this->_post('password'))));
				}
				$this->success('修改成功');
			}else{
				$this->error($this->dao->getError());
			}
		}
	}
}

?>